Client 1 -> 192.168.108.0/24 and 10.8.0.4
OpenVPN server -> 10.8.0.0/24 and 10.10.40.19
Client 2 -> 192.168.100.50 and 10.8.0.10
How to make the client 2 network accessible from client 1 without changing client 2 router details
- First, make sure that IP forwarding is enabled on the client 2 machine; it is very often disabled by default. Enable it by running the following command as root:
sudo sysctl -w net.ipv4.ip_forward=1
This change is temporary. To make it permanent, edit /etc/sysctl.conf. In this file you should have a line stating:
net.ipv4.ip_forward = 1
- Add
push "route 192.168.100.0 255.255.255.0"
to the OpenVPN server config, and
iroute 192.168.100.0 255.255.255.0
to the client file in the ccd folder.
- Add an iptables rule on the client 2 machine:
sudo iptables -t nat -I POSTROUTING -d 192.168.100.0/24 -j MASQUERADE
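A check script for the steps above, added here as an example and not part of the original notes: it confirms that forwarding is on and persistent, and classifies the MASQUERADE rule. The function names, the file name audit.sh, the --live flag and the "scoped" status (a rule also limited with -s 10.8.0.0/24) are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original notes): audit client 2's gateway setup.
# Checks read a file or stdin, so they work on saved output as well as live.

LAN_NET="192.168.100.0/24"   # client 2 LAN, from the notes
VPN_NET="10.8.0.0/24"        # OpenVPN subnet, from the notes

# Succeeds if the running kernel value is 1.
forwarding_enabled() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = "1" ]
}

# Succeeds if the last uncommented net.ipv4.ip_forward line in sysctl.conf is 1.
forwarding_persistent() {
    awk -F= '
        /^[[:space:]]*#/ { next }
        { k = $1; v = $2; gsub(/[[:space:]]/, "", k); gsub(/[[:space:]]/, "", v) }
        k == "net.ipv4.ip_forward" { last = v }
        END { exit !(last == "1") }
    ' "${1:-/etc/sysctl.conf}"
}

# Reads `iptables -t nat -S POSTROUTING` output on stdin and prints:
#   missing  no MASQUERADE rule for LAN_NET
#   open     a rule matches any source (the rule as written in the notes)
#   scoped   every matching rule is limited to VPN_NET sources (assumed variant)
masquerade_status() {
    status=missing
    while IFS= read -r rule; do
        case "$rule" in
            "-A POSTROUTING "*"-d $LAN_NET "*"-j MASQUERADE"*)
                case "$rule" in
                    *"-s $VPN_NET "*) [ "$status" = open ] || status=scoped ;;
                    *) status=open ;;
                esac ;;
        esac
    done
    echo "$status"
}

# Live audit, run as root on client 2:  sh audit.sh --live
if [ "${1:-}" = "--live" ]; then
    forwarding_enabled && echo "ip_forward: on" || echo "ip_forward: OFF"
    forwarding_persistent && echo "sysctl.conf: set" || echo "sysctl.conf: NOT set"
    echo "masquerade: $(iptables -t nat -S POSTROUTING | masquerade_status)"
fi
```

A commented-out `#net.ipv4.ip_forward=1` line, common in a default sysctl.conf, is reported as not set, which is the case where forwarding silently stops after a reboot.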
Other useful commands for debugging:
sudo tcpdump -i tun0 icmp
sudo iptables -t nat -L --line-numbers
sudo iptables -t nat -D POSTROUTING 1
Install a different version of OpenVPN
wget https://swupdate.openvpn.org/community/releases/openvpn-2.5.7.tar.gz
tar xfz openvpn-2.5.7.tar.gz
sudo apt install libssl-dev liblzo2-dev libpam0g-dev
cd openvpn-2.5.7
./configure
sudo make
sudo make install